
Network Layout




Hi all.
    I'm having some trouble & thought I might throw this out to the
list for comments.
    First, here's my network layout:


                                         Other
                                        Private
                                        Subnets
                             _______       |
                            |e-mail |   ___|____
                            |server |  |router  |
 __   ___         _____     |_______|  |________|
/  ---   \       |     |        |          |
|Internet|-------|     |-----------------------------
\__/\___/        |_____|            _|_       _|_
                 Firewall          |   |     |   |
                                  _|___|_   _|___|_
                                 |client | |client |
                                 |_______| |_______|

Our subnets are numbered 135.101.1.0, 135.102.1.0, 135.103.1.0,
135.104.1.0, and 135.105.1.0. The e-mail server and firewall are
located in the 135.102.1.0 subnet. All are treated as class C
addresses. The firewall performs network address translation, as the
internal IP numbering is illegal. Firewall also does proxying,
filtering, & caching. DNS services are provided for us by GTE (our
connection goes to them), and are on the server 206.124.64.253 (the
public network). Our public address block is 207.175.49.x, of which
our internet router (not shown) and firewall each occupy an address.
Our MX record is also maintained with GTE. It (mail.porterco.org), as
well as the DNS entry (porterco.org) both resolve back to the NIC on
the public side of the firewall.

With all of that out of the way, my question is simple. Is this a
strange, non-standard, flawed, etc. design?
I ask because we cannot receive e-mail into our e-mail server from
some other e-mail services. I took a look at the logs, and after an
SMTP connection is established between the remote/local e-mail
servers, the local e-mail server tries to establish an SMTP connection
with the firewall NIC on the public side. Since this NIC's address is
in one subnet, and the e-mail is on another - the result is no
connection & no e-mail. Outgoing e-mail is not a problem. We've now
set up two different e-mail servers (one IBM, and one Linux), and they
respond the same, so it looks like perhaps a DNS/routing issue? Any
comments are appreciated.

:Rich



==
 ---------------------------------------------------------
| Richard J. Lohman        | If you always do what you've |
| Network Engineer         | always done, you'll always   |
| Data Processing Dept.    | get what you've always       |
| Porter County, IN        | got.                         |
 ---------------------------------------------------------
